blob: d78a305985b027dbad3ce08e27574bc032e65da3 [file]
id: GO-2025-3962
modules:
- module: github.com/esm-dev/esm.sh
unsupported_versions:
- last_affected: 136.0.0
vulnerable_at: 0.0.0-20250920062728-5cc3937618bd
summary: esm.sh has File Inclusion issue in github.com/esm-dev/esm.sh
cves:
- CVE-2025-59341
ghsas:
- GHSA-49pv-gwxp-532r
references:
- advisory: https://github.com/esm-dev/esm.sh/security/advisories/GHSA-49pv-gwxp-532r
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-59341
- fix: https://github.com/esm-dev/esm.sh/commit/492de92850dd4d350c8b299af541f87541e58a45
- web: https://github.com/esm-dev/esm.sh/blob/c62f191d32639314ff0525d1c3c0e19ea2b16143/server/router.go#L1168
source:
id: GHSA-49pv-gwxp-532r
created: 2025-09-22T17:59:12.247720353Z
review_status: UNREVIEWED